WP-Safety

Data Feed by TTG for WooCommerce Security & Risk Analysis

wordpress.org/plugins/data-feed-by-ttg-for-woocommerce

Real-time firearm data feed for WooCommerce with support for RSR, Zanders, Sports South, Lipseys, Davidsons, and more.

10 active installs v1.0.25 PHP 7.4+ WP 6.0+ Updated Nov 11, 2025
distributor-feedfflgun-data-feedlipseys-sporths-southrsr-group-davidsons
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Data Feed by TTG for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Data Feed by TTG for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago
Risk Assessment

The plugin "data-feed-by-ttg-for-woocommerce" v1.0.25 demonstrates some positive security practices, such as consistently using prepared statements for SQL queries and a high percentage of properly escaped output. The absence of any known CVEs or recorded vulnerabilities in its history is a strong indicator of a generally well-maintained and secure codebase. Furthermore, the lack of critical or high-severity taint flows suggests that user-controlled data is being handled with reasonable care.

However, a significant concern arises from the static analysis, which reveals a total of 4 AJAX handlers, all of which lack authentication checks. This presents a considerable attack surface. While there are nonce checks present (5 total), their effectiveness is diminished if the underlying AJAX actions themselves are not protected by capability checks. The single external HTTP request should also be monitored for potential vulnerabilities in the target service.

In conclusion, while the plugin's historical security record and internal data handling practices are commendable, the presence of unprotected AJAX endpoints is a notable weakness that could be exploited by attackers. Addressing these unprotected entry points should be the primary focus for improving the plugin's security posture.

Key Concerns

  • AJAX handlers without authentication checks
  • Limited capability checks on entry points
Vulnerabilities
None known

Data Feed by TTG for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Data Feed by TTG for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
1
49 escaped
Nonce Checks
5
Capability Checks
1
File Operations
0
External Requests
1
Bundled Libraries
0

Output Escaping

98% escaped50 total outputs
Data Flows
All sanitized

Data Flow Analysis

2 flows
<credentials> (admin\pages\credentials.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
4 unprotected

Data Feed by TTG for WooCommerce Attack Surface

Entry Points4
Unprotected4

AJAX Handlers 4

authwp_ajax_ttg_local_categories_api_actionincludes\plugin.php:130
noprivwp_ajax_ttg_local_categories_api_actionincludes\plugin.php:131
authwp_ajax_ttg_create_wc_category_actionincludes\plugin.php:133
noprivwp_ajax_ttg_create_wc_category_actionincludes\plugin.php:134
WordPress Hooks 24
filterpost_thumbnail_htmlincludes\class-ttg-image-gallery.php:42
filterwoocommerce_structured_data_productincludes\class-ttg-image-gallery.php:43
filterfacebook_for_woocommerce_integration_prepare_productincludes\class-ttg-image-gallery.php:44
filterwoocommerce_product_get_image_idincludes\class-ttg-image-gallery.php:45
actioninitincludes\class-ttg-image-gallery.php:48
actionadd_meta_boxesincludes\class-ttg-image-gallery.php:53
actionadmin_enqueue_scriptsincludes\class-ttg-image-gallery.php:54
filterwp_get_attachment_image_srcincludes\class-ttg-image-gallery.php:55
filterget_product_metadataincludes\class-ttg-image-gallery.php:56
actionadmin_initincludes\class-ttg-image-gallery.php:57
filterget_product_metadataincludes\class-ttg-image-gallery.php:68
filterget_product_variation_metadataincludes\class-ttg-image-gallery.php:69
filterwp_get_attachment_image_srcincludes\class-ttg-image-gallery.php:70
filterwoocommerce_product_get_gallery_image_idsincludes\class-ttg-image-gallery.php:71
filterwoocommerce_available_variationincludes\class-ttg-image-gallery.php:72
filterwoocommerce_admin_order_item_thumbnailincludes\class-ttg-image-gallery.php:165
actionplugins_loadedincludes\plugin.php:112
actionadmin_enqueue_scriptsincludes\plugin.php:126
actionadmin_enqueue_scriptsincludes\plugin.php:127
actionadmin_menuincludes\plugin.php:128
actionwoocommerce_product_duplicateincludes\plugin.php:136
actionadd_meta_boxesincludes\plugin.php:139
actionadd_meta_boxesincludes\plugin.php:142
actionadd_meta_boxesincludes\plugin.php:145
Maintenance & Trust

Data Feed by TTG for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5
Last updatedNov 11, 2025
PHP min version7.4
Downloads543

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Data Feed by TTG for WooCommerce Alternatives

PWA for WP – Progressive Web Apps Made Simple

PWA for WP – Progressive Web Apps Made Simple

pwa-for-wp

A
95

PWA plugin is bringing the power of the Progressive Web Apps to the WP & AMP to take the user experience to the next level.

20K 5 CVEs
Media Cloud for Bunny CDN, Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean and more

Media Cloud for Bunny CDN, Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean and more

ilab-media-tools

A
92

Automatically store media on Amazon S3, Cloudflare R2, Google Cloud Storage, DigitalOcean Spaces + others. Serve CSS/JS assets through CDNs.

7K 1 CVE
Advanced Media Offloader

Advanced Media Offloader

advanced-media-offloader

A
100

Save server space & speed up your site by automatically offloading media to Amazon S3, Cloudflare R2 & more.

3K No CVEs
Lemmony Companion

Lemmony Companion

lemmony-companion

A
85

The Lemmony Companion is a companion plugin for the Lemmony theme. Adds additional block editor blocks needed for the best theme experience.

3K No CVEs
Coming Soon Page & Maintenance Mode

Coming Soon Page & Maintenance Mode

responsive-coming-soon

A
90

Coming Soon Plugin and Maintenance Mode plugin with Launch page & site offline plugin for your Website while it's under construction.

3K 3 CVEs
Developer Profile

Data Feed by TTG for WooCommerce Developer Profile

Texas Technology Group

2 plugins · 30 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Data Feed by TTG for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/data-feed-by-ttg-for-woocommerce/assets/css/admin.css/wp-content/plugins/data-feed-by-ttg-for-woocommerce/assets/js/data-feed-by-ttg-for-woocommerce.js/wp-content/plugins/data-feed-by-ttg-for-woocommerce/assets/js/ttg-admin-menu.js
Script Paths
/wp-content/plugins/data-feed-by-ttg-for-woocommerce/assets/js/data-feed-by-ttg-for-woocommerce.js/wp-content/plugins/data-feed-by-ttg-for-woocommerce/assets/js/ttg-admin-menu.js
Version Parameters
data-feed-by-ttg-for-woocommerce/assets/css/admin.css?ver=data-feed-by-ttg-for-woocommerce/assets/js/data-feed-by-ttg-for-woocommerce.js?ver=data-feed-by-ttg-for-woocommerce/assets/js/ttg-admin-menu.js?ver=

HTML / DOM Fingerprints

CSS Classes
ttg_data_feed_product_idttg_data_feed_upc_codettg_data_feed_manufacturerttg_data_feed_distributorttg_ffl_requires_checkoutttg_data_feed_stockttg_data_feed_cost_pricettg_data_feed_map_price+1 more
Data Attributes
ttg_category_id
JS Globals
DataFeedByTTG_AdminPageTexasTechnologyGroup_PluginAboutPage
REST Endpoints
/wp-json/data-feed-by-ttg-for-woocommerce/v1/get_local_categories
FAQ

Frequently Asked Questions about Data Feed by TTG for WooCommerce